Search Results (5636 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2005-1726 1 Apple 1 Mac Os X 2026-04-16 N/A
The CoreGraphics Window Server in Mac OS X 10.4.1 allows local users with console access to gain privileges by "launching commands into root sessions."
CVE-2004-0089 1 Apple 1 Mac Os X 2026-04-16 N/A
Buffer overflow in TruBlueEnvironment in Mac OS X 10.3.x and 10.2.x allows local users to gain privileges via a long environment variable.
CVE-2005-2508 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
dsidentity in Directory Services in Mac OS X 10.4.2 allows local users to add or remove user accounts.
CVE-2002-1898 1 Apple 2 Mac Os X, Terminal 2026-04-16 N/A
Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a telnet:// link, which is executed by Terminal.app window.
CVE-2005-2516 1 Apple 2 Mac Os X, Safari 2026-04-16 N/A
Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands.
CVE-2005-1307 2 Adobe, Apple 2 Version Cue, Mac Os X 2026-04-16 N/A
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
CVE-2005-2503 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
AppKit for Mac OS X 10.3.9 and 10.4.2 allows attackers with physical access to create local accounts by forcing a particular error to occur at the login window.
CVE-2005-2506 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Algorithmic complexity vulnerability in CoreFoundation in Mac OS X 10.3.9 and 10.4.2 allows attackers to cause a denial of service (CPU consumption) via crafted Gregorian dates.
CVE-2006-4887 1 Apple 2 Apple Remote Desktop, Mac Os X 2026-04-16 N/A
Apple Remote Desktop (ARD) for Mac OS X 10.2.8 and later does not drop privileges on the remote machine while installing certain applications, which allows local users to bypass authentication and gain privileges by selecting the icon during installation. NOTE: it could be argued that the issue is not in Remote Desktop itself, but in applications that are installed while using it.
CVE-2005-1343 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.
CVE-2005-2507 1 Apple 1 Mac Os X Server 2026-04-16 N/A
Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.
CVE-2005-3712 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Heap-based buffer overflow in rsync in Mac OS X 10.4 through 10.4.5 allows remote authenticated users to execute arbitrary code via long extended attributes.
CVE-2005-3782 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Mac OS X 10.4.3 up to 10.4.6, when loginwindow uses the "Name and password" setting, and the "Show the Restart, Sleep, and Shut Down buttons" option is disabled, allows users with physical access to bypass login and reboot the system by entering ">restart", ">power", or ">shutdown" sequences after the username.
CVE-2005-3705 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, as used in applications such as Safari, allows remote attackers to execute arbitrary code via unknown attack vectors.
CVE-2005-3704 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
System log server in Mac OS X and OS X Server 10.4 through 10.4.3 allows remote attackers to spoof syslog messages in log files by injecting various control characters such as newline (NL).
CVE-2005-3706 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
Heap-based buffer overflow in LibSystem in Mac OS X 10.4 through 10.4.5 allows context-dependent attackers to execute arbitrary code by causing an application that uses LibSystem to request a large amount of memory.
CVE-2006-3495 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
AFP Server in Apple Mac OS X 10.3.9 and 10.4.7 stores reconnect keys in a world-readable file, which allows local users to obtain the keys and access files and folders of other users.
CVE-2006-2277 1 Apple 1 Mac Os X 2026-04-16 N/A
Multiple Apple Mac OS X 10.4 applications might allow context-dependent attackers to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using Preview to open the file.
CVE-2004-0382 1 Apple 1 Mac Os X 2026-04-16 N/A
Unknown vulnerability in the CUPS printing system in Mac OS X 10.3.3 and Mac OS X 10.2.8 with unknown impact, possibly related to a configuration file setting.
CVE-2003-1005 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-16 N/A
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.